A mobile application needs to authenticate users using their social media accounts (Facebook, Google) and then grant them temporary access to upload photos directly to an Amazon S3 bucket.<br/><br/>Which AWS service combination should a solutions architect use?

Answer options:

AWS IAM users and AWS STS

Amazon Cognito User Pools and Amazon Cognito Identity Pools

AWS IAM Identity Center (AWS SSO) and Amazon S3

Amazon API Gateway and AWS Lambda

How to approach this question

Differentiate between workforce identity and consumer identity services.

Full Answer

B.Amazon Cognito User Pools and Amazon Cognito Identity Pools✓ Correct

Cognito Identity Pools (Federated Identities) enable you to create unique identities for your users and federate them with identity providers. With an identity pool, you can obtain temporary, limited-privilege AWS credentials to access other AWS services.

Common mistakes

Confusing Cognito User Pools (authentication) with Identity Pools (authorization/AWS credentials).

Question 02 All questions Question 04

Practice the full AWS SAA-C03 Practice Exam 6

65 questions · hints · full answers · grading

More questions from this exam

Q01A company has multiple AWS accounts in an AWS Organizations organization. The security team wants...Medium Q02A company has two AWS accounts: Account A for development and Account B for production. Developer...Medium Q04A company is running an application on Amazon EC2 instances. The application needs to connect to ...Medium Q05A company has 50 AWS accounts managed by AWS Organizations. The IT team wants to implement a cent...Easy Q06A company wants to restrict access to an Amazon S3 bucket so that only requests originating from ...Medium

View all 65 questions →